DNS data shows one in 10 organizations have malware traffic on their networks
CSO Online – Lucian Constantin
Akamai report highlights how widespread malware threats remain, noting the dangers of threats specific to DNS infrastructure. According to the data, between 9% and 13% of all devices seen by Akamai making DNS requests every quarter, tried to reach a malware-serving domain. Between 4% and 6% tried to resolve known phishing domains and between 0.7% and 1% tried to resolve C2 domains.

Botnets were the top category accounting for 44% of the malicious C2 traffic, not even taking into account some prominent botnets like Emotet or Qakbot whose operators are in the business of selling access to systems and were therefore counted in the IAB category. The largest botnet observed by Akamai in C2 traffic originating from enterprise environments is QSnatch which relies on a piece of malware that specifically infects the firmware of outdated QNAP network-attached storage (NAS) devices. IABs were the second largest category in C2 DNS traffic âthe biggest threats in this group being Emotet, with 22% of all infected devices, and Qakbot with 4%.
Link: https://www.csoonline.com/article/3690518/dns-data-shows-one-in-10-organizations-have-malware-traffic-on-their-networks.html#jump